Krebs on Security

NOVEMBER 9, 2021

The other critical flaw patched today that’s already being exploited in the wild is CVE-2021-42321 , yet another zero-day in Microsoft Exchange Server. As Exchange zero-days go, CVE-2021-42321 appears somewhat mild by comparison. Microsoft has published a blog post/FAQ about the Exchange zero-day here.

Security 245

Security Ransomware Passwords Authentication 245

Krebs on Security

FEBRUARY 9, 2021

The flaw being exploited in the wild already — CVE-2021-1732 — affects Windows 10, Server 2016 and later editions. CVE-2021-24078 earned a CVSS Score of 9.8, There is also a zero-day flaw in Google’s Chrome Web browser (CVE-2021-21148) that is seeing active attacks. which is about as dangerous as they come.

Security 299

Security Phishing Access Authentication 299

Data Breach Today

AUGUST 2, 2022

Florida Urgent Care Center Says Incident Involved Billing Vendor PracticeMax A Florida operator of urgent care clinics recently reported to federal regulators a health data breach affecting more than 258,000 individuals tied to a vendor's ransomware attack in May 2021.

Ransomware 266

Ransomware Data breaches IT 266

Krebs on Security

MAY 11, 2021

By all accounts, the most pressing priority this month is CVE-2021-31166 , a Windows 10 and Windows Server flaw which allows an unauthenticated attacker to remotely execute malicious code at the operating system level. 5, 2021 to Microsoft was in Exchange Server.

Ransomware 275

Ransomware Encryption Authentication Security 275

Krebs on Security

JANUARY 13, 2021

Most concerning of this month’s batch is probably a critical bug ( CVE-2021-1647 ) in Microsoft’s default anti-malware suite — Windows Defender — that is seeing active exploitation. So, while CVE-2021-1709 is only rated as [an information exposure flaw] by Microsoft it should be prioritized for patching.”

Security 258

Security Access Marketing IT 258

Data Breach Today

MAY 21, 2021

The latest edition of the ISMG Security Report features highlights from RSA Conference 2021 conference, including the emphasis on "resilience."

Security 280

Security 280

Data Breach Today

JANUARY 8, 2021

IAPP's Trevor Hughes Previews the Year's Global Trends, Challenges and Legislation From contact tracing to data transfer to the new California Privacy Rights Act, 2021 already is shaping up to be a big year for privacy.

Privacy 247

Privacy 247

Krebs on Security

MARCH 9, 2021

The IE weakness — CVE-2021-26411 — affects both IE11 and newer EdgeHTML-based versions, and it allows attackers to run a file of their choice by getting you to view a hacked or malicious website in IE.

Security 314

Security Access IT 314

Data Breach Today

SEPTEMBER 7, 2021

Jenai Marinkovic Discusses Highlights from ISACA's State of Cybersecurity Report Key challenges from the recent State of Cybersecurity 2021 report include "integrating risk with maturity and keeping up with industry trends," says Jenai Marinkovic, member of the ISACA Emerging Trends Working Group.

Cybersecurity 239

Cybersecurity Risk 239

Data Breach Today

JUNE 22, 2023

Geller Replaces Michael DeCesare, Who Seeks to 'Balance Health and Lifestyle' Exabeam will have its third CEO since June 2021 after promoting Chief Product Officer Adam Geller to take over as its top leader.

Security 139

Security IT 139

Data Breach Today

MARCH 21, 2022

National Rifle Association States reportedly fell victim to a ransomware attack in October 2021. Attack Details Came to Light in the Organization's FEC Filing The U.S.

Ransomware 188

Ransomware IT 188

Data Breach Today

APRIL 20, 2022

Software and Billing Firm, Urgent Care Provider Report Incidents More than 670,000 individuals have been affected by two 2021 hacking incidents that were only recently reported to federal regulators. The breaches involve healthcare software and billing services firm Adaptive Health Integrations and urgent care provider Urgent Team Holdings.

206

206

The Last Watchdog

JANUARY 18, 2022

After a gloomy start with its first three breach intensive quarters, 2021 has finally ended, and on a positive note. Related: Cybersecurity experts reflect on 2021. Our analysis looked into data breaches that occurred from October to December 2021 (Q4) and compared them with the numbers from July through August 2021 (Q3).

Data breaches 279

Data breaches Privacy Cybersecurity Security 279

Data Breach Today

SEPTEMBER 13, 2021

Join the live discussion as we debut these results and more, gathered through the 2021 Cybersecurity Complexity Research Study conducted in H2 2021. What are effective strategies for reducing the number of vendors, simplifying the stack, integrating disparate tools and gaining that single, complete view of threats?

Cybersecurity 190

Cybersecurity Cloud Security 190

The Last Watchdog

JUNE 13, 2022

Investors more than doubled down in 2021, increasing investment by about 145 percent. Major breaches in Parler, Microsoft Exchange Server, Experian, and LinkedIn increased the intensity of concern about API supply chain attacks in 2021. The Log4j vulnerability reported at the end 2021 heightened concern even more.

Cybersecurity 257

Cybersecurity Data science Artificial Intelligence Security 257

AIIM

JANUARY 19, 2021

We're so excited to announce that registration for The AIIM Conference 2021 for records and information professionals is now live! AIIM21 is set for April 27-29th, 2021. Get Ready for The AIIM Conference 2021. This year, join us as we "Go Big, and Stay Home!" Now is your chance: Sign up today to get the best deal.

Topic intelligence 197

Topic intelligence Information governance Government Access 197

Security Affairs

APRIL 28, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities. ” reads the advisory published by CISA.

Cybersecurity 144

Cybersecurity Security Government Risk 144

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Colonial Pipeline ( May 2021 ) – The Colonial Pipeline facility in Pelham, Alabama, was hit by a cybersecurity attack in May and its operators were forced to shut down its systems.

Ransomware 108

Ransomware Cybersecurity Security Encryption 108

Security Affairs

JULY 30, 2021

Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. I do root cause analysis and exploit CVE-2021-3490 for LPE with PoC included. link] — chompie (@chompie1337) July 29, 2021. Here's the LPE PoC exploit for CVE-2021-3490.

Security 141

Security Information Security Cybersecurity IT 141

AIIM

APRIL 15, 2021

For fun and visual effect, we've created this 2021 Informational Professionals' report card to present the results. In it, John Mancini takes a deep look at what the data is telling us are the most important topics in our industry for 2021 and beyond. How to Deal with Information Chaos. So, what can be done, and where should we begin?

GDPR 254

GDPR Records Management Risk Education 254

Hunton Privacy

JUNE 2, 2022

On May 11, 2022, the French Data Protection Authority (the “CNIL”) published its Annual Activity Report for 2021 (the “Report”). The Report provides an overview of the CNIL’s enforcement activities in 2021. In particular, the Report revealed that: The CNIL received 14,143 complaints in 2021 (+4% compared to 2020) and closed 12,522.

Artificial Intelligence 109

Artificial Intelligence Data breaches Privacy Cybersecurity 109

Security Affairs

OCTOBER 11, 2022

VMware has yet to address the CVE-2021-22048 privilege escalation vulnerability in vCenter Server disclosed in November 2021. VMware warns customers that it has yet to address a high-severity privilege escalation vulnerability, tracked as CVE-2021-22048 , in the vCenter Server. SecurityAffairs – hacking, CVE-2021-22048 ).

Authentication 126

Authentication Security Access Information Security 126

AIIM

FEBRUARY 9, 2021

This research not only fuels AIIM's educational and developmental releases for all of 2021, it also gives the community a voice. Click Here to Take the Official 2021 IIM Survey (and Get the Early Results). Each year, AIIM conducts extensive user-research throughout the community to address these questions and more.

Education 198

Education Communications IT 198

Security Affairs

NOVEMBER 28, 2021

0patch released free unofficial patches for Windows local privilege escalation zero-day ( CVE-2021-24084 ) in Windows 10, version 1809 and later. 0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. Pierluigi Paganini.

Security 130

Security Access Information Security Cybersecurity 130

Data Matters

SEPTEMBER 21, 2021

Please join us for a program focused on the latest 2021 FinTech and blockchain developments. Wednesday, September 29, 2021. The post Fintech and Blockchain 2021 appeared first on Data Matters Privacy Blog. Thomas Ward , Partner, Former CFPB Enforcement Director and Former DOJ Deputy Assistant Attorney General. PDT | 12:00 p.m.

Blockchain 88

Blockchain Privacy 88

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 141

IoT Authentication Security Manufacturing 141

Security Affairs

FEBRUARY 18, 2022

Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8).

Security 114

Security Information Security IT 114

Security Affairs

DECEMBER 29, 2021

version to address recently discovered arbitrary code execution flaw tracked as CVE-2021-44832. version to address a recently discovered arbitrary code execution flaw, tracked as CVE-2021-44832, affecting Log4j 2.17.0. CVE-2021-44832 is the fifth vulnerability discovered in the popular library in the last weeks. beta9 to 2.14.1

Libraries 121

Libraries Security Information Security IT 121

Threatpost

JANUARY 3, 2021

Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of choice, according 2021 forecasts.

Cybersecurity 136

Cybersecurity Cloud Artificial Intelligence IoT 136

Security Affairs

JULY 26, 2021

Apple released a security update that addresses CVE-2021-30807 flaw in macOS and iOS that may have been actively exploited to deliver malware. Apple addressed a security flaw, tracked as CVE-2021-30807, in macOS and iOS that may have been actively exploited to plant malware on vulnerable devices. iOS 14.7.1, and iPadOS 14.7.1,

Security 124

Security Information Security Cybersecurity IT 124